Job Description

Munich Re is a shared service organization that delivers services to all Munich Re insurance companies and group entities. We are adding to our diverse team of experts and are looking to hire those who are committed to building a culture that enables the creation of innovative solutions for our business units and clients. As a member of Munich Re\'s Global operations, we offer the financial strength and stability that comes with being part of the world\'s preeminent insurance and reinsurance brand. Our risk and security experts work together to assemble the right mix of products and services to help our clients stay competitive and reduce risk - from traditional reinsurance coverages to niche and specialty reinsurance and insurance products.We are seeking an Information Technology Security Officer (ITSO) in our Toronto office to support business entities with offices across the globe. The ITSO is responsible for information security management in several defined offices and/or departments, primarily located in Canada, and reporting to the Global Information Technology Security Office. The successful candidate will work closely with Technology and Security leadership at multiple levels to support the development and implementation of Technology Controls and Information Security related policies, processes, programs, and capabilities. You will provide specialized expertise and guidance on assessing risks, identifying potential gaps, and providing security solutions to mitigate risks and protect Munich Re.Your Role:

• Develop and maintain in depth understanding of Business entity stakeholders, processes, systems, technologies, data, customers, consumers, partners.
• Function as primary security contact / adviser for business executives and their IT, Architecture, Operations, HR, Finance, Legal and other functional departments, and resources.
• Support implementation of the Information Security Management System across the assigned Business entities.
• Proactively identify nonconformity and areas of potential improvement and facilitate development of pragmatic solutions to address issues, utilizing the security tools and processes.
• Engage clients and customers to assist the business in meeting its objectives with pre and post sales activities (e.g., explain our security program, support external audits, support bids/RFP process, assist in customer communication of security incident, etc.).
• Participate in business entity conferences, client facing engagement, industry forums as the primary security representative.
• Work with Incident Response and Crisis Management teams to manage incidents to resolution; assist with investigations as needed.
• Contribute to definition, development, oversight of a global security management strategy and framework.
• Ensure technology, processes, and governance are in place to monitor, detect, prevent, and respond to current and emerging technology and security threats to the business.
• Comply with internal policies and procedures, technology control standards, and applicable regulatory guidelines.
• Participate in internal process reviews and activities to identifying opportunities for improvement.
• Advise, oversee, monitor, and enforce frameworks and methodologies that relate to technology controls / information security activities.
• Influence behavior and foster a strong security and risk culture across Munich Re.
• Conduct and support the security awareness program and activities to enhance a security first mindset.
• Ensure efficient flow of relevant information to the Global Head of ITSO, IT Risk and Security and other global security organizations across Munich Re.

Qualifications:

• Technical degree (preferably in IT) and/or expert knowledge/experience with IT infrastructure, security, and risk.
• 5 - 7 years in IT Security/Cyber Security.
• One or more current Security Certifications/Accreditations desired - CISSP, CISM, CCSP, CRISC, CIPT, CISA.
• Solid understanding of security best practices and international standards such as ISO2700x, NIST CSF 2.0, SOC 2 Type 2.
• Experience with Information Security/Technology Governance, Risk, and Control concepts, principles, processes.
• Security Incident Management, Security Training and Awareness knowledge & experience.
• Familiarity with one or more security products/technologies - Identity, Endpoint, Monitoring, Application Security, Analytics/Forensics, etc.
• Basic knowledge of laws and regulations applicable at offices across area(s) of responsibility.
• Advanced knowledge of organization, technology controls, security, and risk issues.
• Demonstrated ability to participate in complex, global initiatives, and projects.
• Customer orientation, strong negotiating, and critical thinking skills.
• Initiative, creativity, open mind for innovation.
• Strong planning, organization, and presentation skills.
• Performance driven and results oriented.
• Excellent communication skills, both oral and written.

Together, we engage with everything we have and are, to help humankind act braver and better.As the world\'s leading reinsurance company with more than 40,000 employees in over 50 locations around the globe, Munich Re introduces a paradigm shift in the way you think about insurance. By turning uncertainty into manageable risk, we enable fundamental change. We recognize Diversity, Inclusion, and Belonging as a key priority with a culture that welcomes different thoughts and opinions. We dare to think big and are continuously innovating on behalf of our clients.We are pleased to offer our employees great benefits and resources to support their mental, physical and financial wellbeing. These include:

• An engaging and collaborative environment that promotes continuous learning and development
• A hybrid work environment that combines weekly in-office and remote days with Meeting-Free lunch hours and Focus Friday afternoons
• A great compensation package including annual company bonus
• Market leading company-paid flexible health and dental benefits, starting on your first day
• Flexible dollars provided by the company to put towards Health Spending Account and/or Wellness Spending Account
• Immediate participation in DC Pension Plan with an automatic 5% employer contribution, plus optional company match
• Generous time off including vacation, personal days, unplanned time, Statutory Holidays and company-wide early closure half-days
• Learning and development programs and resources, including unlimited access to LinkedIn Learning, Education Assistance Program and reimbursement for professional fees
• Maternity, Parental & Adoption Leave top-up program
• Employee Referral Program, Recognition & Rewards Platform

Munich Re Canada is committed to providing a work environment that is inclusive and free of employment barriers and discrimination. Accommodations will be made for qualified applicants with a disability throughout the recruitment process. If you receive a request for an interview and you have a disability which will require an accommodation to support your participation, please consult with Human Resources or contact AODARequestHR@munichre.ca as soon as practical so that suitable accommodations can be arranged.

Munich Re